Debian Package Tracker
Register | Log in
Subscribe

mxml

Choose email to subscribe with

general
  • source: mxml (main)
  • version: 3.2-1
  • maintainer: Alastair McKinstry (DMD)
  • arch: any
  • std-ver: 4.5.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 2.6-2
  • o-o-sec: 2.6-2+deb8u1
  • oldstable: 2.10-1
  • stable: 2.12-2
  • testing: 3.2-1
  • unstable: 3.2-1
versioned links
  • 2.6-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.6-2+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.10-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.12-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libmxml-dev
  • libmxml1 (1 bugs: 0, 1, 0, 0)
action needed
Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high
vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

fatal: could not read Username for 'https://salsa.debian.org:': No such device or address
Created: 2018-07-09 Last update: 2021-01-17 14:34
2 security issues in sid high
There are 2 open security issues in sid.
2 important issues:
  • CVE-2018-20592: In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
  • CVE-2018-20593: In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
Please fix them.
Created: 2018-12-10 Last update: 2020-10-19 06:00
2 security issues in bullseye high
There are 2 open security issues in bullseye.
2 important issues:
  • CVE-2018-20592: In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
  • CVE-2018-20593: In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
Please fix them.
Created: 2019-07-07 Last update: 2020-10-19 06:00
1 bug tagged patch in the BTS normal
The BTS contains patches fixing 1 bug, consider including or untagging them.
Created: 2020-10-19 Last update: 2021-01-20 22:02
3 ignored security issues in stretch low
There are 3 open security issues in stretch.
3 issues skipped by the security teams:
  • CVE-2018-20004: An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml.
  • CVE-2018-20592: In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
  • CVE-2018-20593: In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
Please fix them.
Created: 2018-12-10 Last update: 2020-10-19 06:00
2 ignored security issues in buster low
There are 2 open security issues in buster.
2 issues skipped by the security teams:
  • CVE-2018-20592: In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
  • CVE-2018-20593: In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
Please fix them.
Created: 2018-12-10 Last update: 2020-10-19 06:00
Build log checks report 1 warning low
Build log checks report 1 warning
Created: 2014-07-02 Last update: 2019-08-22 21:35
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).
Created: 2020-11-17 Last update: 2020-11-17 05:41
news
[rss feed]
  • [2020-10-19] mxml 3.2-1 MIGRATED to testing (Debian testing watch)
  • [2020-10-13] Accepted mxml 3.2-1 (source) into unstable (Alastair McKinstry)
  • [2019-09-07] mxml 3.1-1 MIGRATED to testing (Debian testing watch)
  • [2019-09-01] Accepted mxml 3.1-1 (source) into unstable (Alastair McKinstry)
  • [2019-08-28] mxml 3.0-1 MIGRATED to testing (Debian testing watch)
  • [2019-08-22] Accepted mxml 3.0-1 (source) into unstable (Alastair McKinstry)
  • [2019-01-25] Accepted mxml 2.6-2+deb8u1 (source amd64) into oldstable (Abhijith PA)
  • [2019-01-07] mxml 2.12-2 MIGRATED to testing (Debian testing watch)
  • [2019-01-02] Accepted mxml 2.12-2 (source amd64) into unstable (Alastair McKinstry)
  • [2018-10-11] mxml 2.12-1 MIGRATED to testing (Debian testing watch)
  • [2018-10-06] Accepted mxml 2.12-1 (source amd64) into unstable (Alastair McKinstry)
  • [2018-07-14] mxml 2.11-2 MIGRATED to testing (Debian testing watch)
  • [2018-07-09] Accepted mxml 2.11-2 (source amd64) into unstable (Alastair McKinstry)
  • [2018-03-08] mxml 2.11-1 MIGRATED to testing (Debian testing watch)
  • [2018-03-02] Accepted mxml 2.11-1 (source amd64) into unstable (Alastair McKinstry)
  • [2016-09-21] mxml 2.10-1 MIGRATED to testing (Debian testing watch)
  • [2016-09-15] Accepted mxml 2.10-1 (source amd64) into unstable (Alastair McKinstry)
  • [2016-09-06] mxml 2.9-3 MIGRATED to testing (Debian testing watch)
  • [2016-08-31] Accepted mxml 2.9-3 (source amd64) into unstable, unstable (Alastair McKinstry)
  • [2016-06-16] mxml 2.9-2 MIGRATED to testing (Debian testing watch)
  • [2016-06-11] Accepted mxml 2.9-2 (source amd64) into unstable (Alastair McKinstry)
  • [2016-06-10] Accepted mxml 2.9-1 (source amd64) into unstable (Alastair McKinstry)
  • [2013-01-03] Accepted mxml 2.7-1 (source amd64) (Luis Uribe) (signed by: Yaroslav Halchenko)
  • [2011-02-06] mxml 2.6-2 MIGRATED to testing (Debian testing watch)
  • [2010-10-22] Accepted mxml 2.6-2 (source mipsel) (Luis Uribe) (signed by: Anibal Monsalve Salazar)
  • [2009-11-27] mxml 2.6-1 MIGRATED to testing (Debian testing watch)
  • [2009-11-17] Accepted mxml 2.6-1 (source amd64) (Luis Uribe)
  • [2008-07-09] mxml 2.5-2 MIGRATED to testing (Debian testing watch)
  • [2008-06-29] Accepted mxml 2.5-2 (source amd64) (Luis Uribe)
  • [2008-05-21] mxml 2.5-1 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 6
  • RC: 0
  • I&N: 6
  • M&W: 0
  • F&P: 0
  • patch: 1
links
  • homepage
  • lintian
  • buildd: logs, checks, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 3.2-1
  • 2 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing